Swedish Government Scrambles to Contain Damage from Data Breach (nytimes.com)
173 points by dwgirvan on July 26, 2017 | 138 comments


Here's a summary of what foreign powers got access to:

- identities of undercover operatives
- personal identity data of everyone with a driver's licence
- people with protected identities
- location of all army vehicles
- money transport vehicles
- classified infrastructure information

Even worse: when they realized they'd leaked photos, home addresses and SSNs of protected identities, they sent a clear text email asking the contractor to clear them from the database manually.

<emotional rant> My country is a joke.

SÄPO knew about this in 2015, and recommended against it, but the Transport Agency still went through with the deal. How they could even be allowed to do that is beyond me.

The director general of the Transport Agency, and the person ultimately responsible for the leak, was fined a mere $8500 (which is half of what she allegedly would earn in a _month_) for leaking highly classified information to foreign powers - an act that would be punished as high treason in any sane country. Either she knew exactly what she was doing, meaning the Russians paid a meagre $8500 for full access to a database containing top secret information, or (more likely) she was just that stupid, meaning possibly hostile powers got this information for free.

But hey, that's Sweden, where incompetent people become director generals of big government agencies, and any screw up they get caught with is excused by saying that you didn't know better.

Here, Swedes believe that Trump is such a catastrophe, and wonder why Americans could vote for him. We should instead look at our own pathetic "feminist" government, and ask ourselves how and why we got here.

But hey, luckily for everyone we don't have nukes. We'd probably accidentally give the launch codes to Saudi Arabia/Palestine, and respond by giving the person responsible for the leak a small fine while the rest of the world burned in the war that erupted after Israel got nuked. </rant>


Well, she was also fired (finally) and her career is finished. I agree it was monumentally stupid. But "punished as high treason"? Treason requires intent. She most certainly did not intend to be criminally disloyal to the country. Merely being ignorant and incompetent is not treason.

This is a major fuckup but let's be real. Our country is a "joke"? I know complaining is a national sport in Sweden, much like in many other countries, and I can rage about plenty of idiotic things going on. But on the whole, things are in general pretty good, relative to most other countries in the world. Move elsewhere and you'll just find a different set of things to be mad about (perhaps more, perhaps less; and there's always a bunch of Swedish expats who complain that things don't work like in Sweden).


Wait what? She knew that was a possibility and that it is highly illegal and still she went through with it.

I would say that is having intent if anything. I love my country but I think she should be punished a lot harder. Arkebusering på slottsgården. But since that will never happen, 12 years in jail is probably enough.


But crucially not intent to commit treason. Gross negligence, sure (this she also admitted to). And I agree that she - and several others - ought to be punished much harder. But being naïve and incompetent (basically "yeah this is a problem but IBM can't provide people with security clearance yet, it takes too much time, and we're too far into the process and if we stop now many things - such as giving out driver's licenses and checking them - won't work for a while")... is, again, not treason.

Just like involuntary manslaughter is not murder, and so on.

Here's the definition by the way, 19 kap. 1 § brottsbalken: https://lagen.nu/1962:700#K19


Is that word from the same root as arquebus?


Yes, correct: https://sv.wikipedia.org/wiki/Arkebusering#Etymologi

Ultimately, both words come from low German "hakebusse".


For those who do not speak Swedish (like me), Google Translate says "firing squad in the courtyard".


That was a joke though. :)

And slottsgården is more like "courtyard of the castle"


"Castle courtyard" or "palace courtyard".

Probably palace, since that's the fancier building with less physical defences in the construction.


Being ignorant and incompetent and taking a job that your national security depends on that you can't do is treason in my book.

I like Sweden, but the "on the whole, things in general" is a dangerous theme. Real problems and injustice exist in the margins and long tails, typically these can be fixed at manageable cost but not if they are ignored.


Not saying problems don't exist. Just trying to be realistic. Shouting about how everything has gone to hell and the country has become a joke can also be a dangerous theme feeding populist movements. Let's focus on what's actually broken.


>on the whole, things are in general pretty good, relative to most other countries in the world.

15 years ago, those relativizations wouldn't have been necessary. Sweden was a poster child of a good society and now it isn't. Many things in your country did deteriorate quickly over the last decade or so, no matter how you try to coat it.

"At least we're still better than others" is a pretty sad statement by itself when you realize that you could be doing a lot better.

My country is currently going down the same road and it's saddening to see that we didn't learn from your mistakes.


Are you sure you're not looking at the past through rose-tinted glasses? Not trying to coat anything, but I very well remember people talking about the country going down the drain 15-20 years ago too, following various incidents/attacks/scandals.

For sure some things have deteriorated (and others improved). So it goes. What are some of these things you believe have "quickly deteriorated"? (Genuinely curious)


https://polisen.se/Global/www%20och%20Intrapolis/%C3%96vriga...

Your police have basically admitted that if worst comes to worst, they won't be able to uphold the law. 53 criminal zones, for a country like Sweden with relatively little police and military, are beyond manageable.

We see the same in Germany, but people choose to ignore it. There are more and more areas in cities where you can't make use of your democratic liberties without being subjected to violence, mostly connected to Muslim inhabitants that think their religion is above the law. We have more police and resources to cope with it, but it's reaching its limit.


The police identified 53 exposed zones, of which 15 are in the most serious category. It's indeed a big problem (hence this report and a lot of talk about it in Sweden).

At the same time I think a lot of people from countries where you really have areas you avoid as a citizen (say, the US) often get the wrong impression when they read about so-called "no go" areas. There's no area on this list that I would avoid going to. And I've been to many, many of them, and have friends/family living in many of them (nearly all violence is between criminals).

Again, not saying it's not a problem. It's a big problem. The police were given more resources in the latest gov't budget to deal with exactly this and will surely get more next year and it'll surely be an important topic in the 2018 election. We'll see how it goes.

What are some other things you think have quickly deteriorated? I'm interested in this outsider perspective.


Agree, your country is not a joke.

It is a whole lot better than a lot of other places and I'd hope it would stay that way.


You have housing mortgages that do not need to be repaid and you have no car sales tax. Two incredibly good reasons to love Sweden. <3


I really fail to see how being a "feminist" government has any bearing on the issue at hand. Sure the government screwed up, but the rant part just takes away from the valid points you've raised.


I think he means that the selection criterion to be in the government was conformance to fashionable ideologies instead of actual competence - but honestly, that is how politics works everywhere.


But she wasn't a politician but a director of a government agency, that is why it's so dangerous with pervasive ideologies (in this case socialist-feminist): they allow incompetent people to screw up badly and get away with it.


The screw-up was initiated by Alliansen (not the current government), by outsourcing this to IBM.

I'm not saying current government are free of blame here, but please stop trying to fit this into a "feminist" argument.


How can this be Alliansen's fault? It was the current government-assigned general director of the Transport Agency that knowingly broke the law. She was even informed by SÄPO (Swedish equivalent of MI5 or CIA) that what she's trying to do is illegal, but still went through with it.

The problem here is not outsourcing, because it is completely legal to do so as long as the company outsourced to goes through with proper security checks and clearances. For example, the servers have to be located in Sweden and proper access permissions have to be set for the employees.

Outsourcing can in some cases be a very good choice to improve efficiency of tax spending.


> SÄPO (Swedish equivalent of MI5 or CIA)

Nitpicking: Säpo is not the Swedish equivalent of the CIA. e.g., the single largest expense of Säpo is protection of dignitaries, which is a role held by the USSS, not the CIA.


SÄPO is more equiv to Special Branch than MI5.


If SAPO let this happen after they advised her, then that's on SAPO.

But then, there is perhaps something she is not telling them. Because to implement this AFTER your main intel service says it's not a good idea or legal, is kind of ...odd, isn't it?


I would assume you speak Swedish, based on your insight into Swedish politics, so here's a timeline of the events: http://www.dn.se/nyheter/sverige/detta-vet-vi-om-transportst...

Notice how it starts in 2015. The last election we had was in 2014 and that's when the change in government occurred. Check your facts, don't just parrot stuff you read on blogs :)


I'm not familiar with Sweden's "feminist" government. Can you help foreigners understand? Was it, for example, a matter of existing staff members hiring new ones based on gender rather than on competence? Any reading material on the matter? It sounds like it's a well-known political argument in Sweden, I just don't know the background.



It is self defined, as in they call themselves feminist. You will be hard pressed to find any distinguishable feature.

You brought up hiring new staff. This government is the largest employer in the nation and has worse gender segregation than the private industry. One could be forgiven to think then that a "feminist" government would have at minimum created a recommendation in the hiring policy to address that. Nope. Government hired positions still top as the most extreme gender segregated professions in the nation and the trend with this government is more gender segregation in government hired positions, not less.



TL;DR: Link is to a rambling blog article about a perceived slight (moving money from a 'foreign aid' budget to a 'refugees' one) that will have an unsubstantiated outcome (Sweden will accept only male refugees in the country), apparently based on a well-known falsehood ("most refugees are single adult males" [1]). Blog has articles such as "Sweden should have guns like Texas because ISIS!".

Blog author is not Swedish but lives there. You gotta love how immigrants (who typically don't peep much and commit either the same level of or less crimes than natives [2]) are often accused of not integrating enough, while you can always find white immigrants like our blogger here ready to lecture their host country on how they should run themselves.

I suspect some of the off-topic comments in this thread are because this is about Sweden, a country that has become the target of all sorts of fantasies by much of the Western far right.

[1] http://www.snopes.com/refugee-invaders-meme/

[2] https://link.springer.com/article/10.1007/s00148-015-0543-2


Please note, though, that the snopes link only refutes a specific picture used as evidence, and only gives statistics with respect to Syrian refugees - which are probably the more (perhaps only) deserving of "refugee" status by UN definitions - so it does not, in fact, disprove that "most refugees are single adult males" - and in fact - especially in Sweden - they are.

I quote from [0] which links to primary sources, including the Swedish immigration authorities (which I cannot confirm because I can't read Swedish):

""" According to Swedish government statistics, as of the end of November, 71 percent of all applicants for asylum to Sweden in 2015 were male. More than 21 percent of all migrants to Sweden were classified as unaccompanied minors, representing more than half of all minor migrants to the country. For accompanied minors, the sex ratio was about 1.16 boys for every one girl. But for unaccompanied minors, the ratio was 11.3 boys for every one girl. In other words, the Swedish case confirms IOM’s statistic that more than 90 percent of unaccompanied minors are male. Indeed, on average, approximately 90 unaccompanied boys entered Sweden every single day in 2015, compared with eight unaccompanied girls. """

[0] http://www.politico.com/magazine/story/2016/01/europe-refuge...


>> the snopes link only refutes a specific picture

The article provides statistics as recent as 2016. It does more than refute a single picture.

>> Syrian refugees - which are probably the more (perhaps only) deserving of "refugee" status

Just off the top of my head: Eritrea, Libya, Western Iraq, Burma. And that's not counting locally displaced refugees who don't reach Western shores (Burundi, Nigeria, Yemen).

Regarding your source:

Specifically regarding Sweden, this does not really counter what I said. Your source notes that the demographic that leans (very) heavily male is unaccompanied minors (in fact it seems they account for almost all of the male imbalance in Sweden?). These are not single adult males (I used that term because the linked blog heavily relies on the "dangerous young adult" trope mentioned by Snopes -- by 'single' I mean 'not married'). Your source however does show that there are more adult males registered in Greece and Italy. Quick aside: registered refugees do not get to choose their assigned countries of residence if/when their status as refugee is recognized.

I'd say there is quite a world of difference between groups of "young adult males" and unaccompanied minors (who are in that situation presumably because they have lost their families).

>> and in fact - especially in Sweden - they are

But do you have better sources than this one which says these are boys, not men? The point of my post was that the linked blog made loaded claims without substantiating them, so I only went as far as providing a counter-point. Maybe the current Swedish government does in fact have a policy locally favoring male refugees directly or indirectly (which in absolute is possible since, as noted above, refugees don't get to choose where they end up), but he provided no evidence.


I am on mobile now, can't google efficiently, and the statistics here are lacking either way, but Swedish policy is to accept anyone who claims they are a minor and has no documents to prove otherwise - as a result, young people lose their docs and claim to be less than 18.

This was made widely public when a 23-year old who got asylum as a 17-year old killed a social worker at the asylum about a year ago, and investigation showed that at least 10% of "minor" asylum seekers at that place were above 20. Google may give you more details.


I did not know that (and that was certainly more informative than the other guy's post). Although I understand the duty to assist minors, the lack of checks is disturbing, especially since it's likely to not go well for anyone (having known someone who did work on refugee cases a while ago, having no legal documents can lengthen the procedure significantly, so they'll be stuck in a center for years, and they do check testimonies as much as possible, so they may end up getting kicked out).

I did Google, and Google tells me Sweden wants to introduce age tests to address this issue (I hope they don't outsource it to IBM).

I disagree with your other post regarding the fact that a refugee being 16 or a young adult doesn't change much: what we are discussing here, beside the racist Predatory Brown Men are coming! thing, is the legitimate concern over the necessary cultural integration of refugees in their host country Vs becoming a problem for society. We know that a husband or dad (or a family unit in general) is much less likely to cause any trouble. That would less be the case with a young single adult, who is fully autonomous and has no dependents. A kid, even at 17, is much less autonomous, will have an educator or foster family, will go to school, etc, they are going to be 'enrolled' much more actively into society.


> A kid, even at 17, is much less autonomous, will have an educator or foster family, will go to school, etc, they are going to be 'enrolled' much more actively into society.

That's nice in theory, but it doesn't actually bear out in practice. As one example, according to [0], even second or third generations fail to integrate (with disastrous results), and AFAIK that's the rule rather than the exception (though there are quite a few exceptions, more in the UK, less in mainland Europe). It's not enough if even 50% integrate successfully when the number of immigrants is so high.

[0] https://www.washingtonpost.com/graphics/world/brussels-molen...


"unaccompanied minors" the ones that claim to be 17y.o. when they can get away with it?


I'm sure an overwhelming number of unaccompanied minor refugees are in fact adults claiming to be 17. /s


"but a study using dental tests in Norway revealed that 9 out of 10 underage refugee children were actually older than 18."

https://sverigesradio.se/sida/artikel.aspx?programid=2054&ar...


Dude, you are quoting an unsourced study about Norway from an article written in 2010.


Do you really think the profile is different now?

Do you really think people won't lie to get an advantage?

Naivete is strong it seems


Sweden has started doing medical age tests on migrants who claim to be minors. The tests are still voluntary and the results are not binding in any way. The first results are in with the 'expected' results: 76% of those claiming to be minors are in fact over the age of 18. They tested 581 asylum seekers (96% were men, 4% women). 442 of them (430 men, 12 women) were over 18 according to the test results. 5 of them (all women) were possibly over the age of 18. 134 of them (133 men, 1 woman) were possibly under the age of 18. None of them were certainly under the age of 18.

So, yes, those who expected the majority to lie about their age have been proven correct.

https://www.rmv.se/aktuellt/de-forsta-medicinska-aldersbedom...


Just to get back with some new data points:

https://nyheteridag.se/nya-siffror-over-80-procent-av-testad...

Just over 83% is considered to be over 18, ~1% is likely to be over 18, 16% is possibly younger than 18.


Don't be so sure they aren't. They have every incentive in the world to lie. They already violated international law once by seeking refugee status in Sweden instead of first peaceful port.

Either way, even if they are just 16, it does not change the fact that two years later, the vast majority of adult refugees are male.


Care to show data about Sweden for 2016?

Because your first link talks only about Syrian refugees and only a fraction (<30%) of those coming to Europe were from Sweden. It also talks about refugees in neighbouring countries, which changes the picture a lot.

> as of 16 March 2016 they had recorded nearly 5 million registered Syrian refugees: 2.1 million of them in Egypt, Iraq, Jordan and Lebanon, another 1.9 million in Turkey, and more than 28,000 in North Africa.

Go see http://ec.europa.eu/eurostat/statistics-explained/index.php/... and "well-known falsehood" is not that a falsehood any more.

The second link talks about old stats before the "great influx".


I don't have any, as said in my reply to beagle3, I was commenting on an article that was making claims about Sweden without showing data. And the data I found, which is more general, does contradict his claim.

Regarding the refugees entering Europe: initially something like 90% of refugees were in Turkey/Lebanon/Jordan, but the camps there started to crumble under the demographic pressure and lack of funds, and people started a westward migration. Most people arriving in Greece are in fact coming out of Turkish refugee camps, as far as I know. So Europe saw its number of refugees double from 10 to 20% in pretty much one year, and it's not really known if the deal with Turkey will stabilize this number.

Your source is better than mine and does show an imbalance in the adult demographics applying for refugee status in Europe, but it is still lacking enough details to support a "single adult males storming the gate" hypothesis: according to the Snopes article most "entering-the-EU-as-single" male refugees are married or part of a family but cross over to Europe alone to apply for the status and then bring their family in later, officially and through non shady/dangerous routes. It makes sense that they would temporarily leave their family in the relative safety of established camps, and the fact that there is no male-leaning imbalance in the overall refugee population supports this. I can't find the source for this but in general "unmarried/alone young adult males" represent a small amount of the overall refugee population [1].

I will also point out again that refugees are in fact "applicants", and once accepted do not choose in what country they end up. If Sweden ends up with a disproportionate number of young men, it will be because of a policy decision, not because they walked in and settled there. Case in point: Canada is taking in plenty of refugees, but not unmarried adult men: https://www.theguardian.com/world/2015/nov/24/canada-exclusi...

[1] There is this piece by Samantha Bee: https://youtu.be/na7pFnoLxjw?t=3m6s saying it's about 2%, but it's about the US and they provide no source, and I suspect a refugee expert being interviewed on a liberal show will not be accepted by some.


The blogger is a Muslim immigrant from Bosnia that immigrated when he was very young.


I was with you for the first half, but the second half where you say the Russians got stuff is silly and then the rant against 'feminist' government etc is just plain stupid.


One of the contractors who got access to the data was employed by the Serbian military for a decade. I suppose you are aware of the ties Serbia and its military have to Russia? It's not improbable that this guy sold the information to Russia. Even if not, Sweden must treat a potential leak like this as a real leak, or else risk endangering their operatives.

Oh, yeah. The leak is _still_ ongoing: https://translate.google.com/translate?hl=en&sl=auto&tl=en&u...

More info here, with Google translated for your convenience: https://www.privateinternetaccess.com/blog/2017/07/swedish-t...


hehe I agree. That poster went kind of bizarre there in the end. None of these things have anything to do with a Data breach. How weird they adopted white nationalist sentiments at the end..


For those of you who got triggered by "feminist", please do note the quotes. I.e., it's their claim, not mine[1]. I personally don't see that they've done much for gender equality, so they only make that claim because it's fashionable.

In the end it doesn't matter how feminist a government is if it cannot properly rule a country, and their actions speak louder than empty words.

What I personally find so galling about the whole debacle isn't that Maria Ågren wasn't punished enough, but the signals the state sends to the people. She got away with a slap on the wrist, and she will continue to earn $14 000/month in the foreseeable future[2].

If someone becomes a director general of a state agency their responsibilities and culpability should increase with the salary. Criminal incompetence is still criminal, and should be prosecuted.

Instead, our government tried to bury the leak.

[1]: http://www.government.se/government-policy/a-feminist-govern...

[2]: https://www.svt.se/nyheter/inrikes/maria-agren-plockar-ut-lo...


> leaking highly classified information to foreign powers - an act that would be punished as high treason in any sane country.

If she had been convicted for intentionally leaking information to foreign powers for money, she would have been convicted for treason.

But the prosecution could not find/show intent, so she was only convicted for incompetence.


I must say that if the data leak leads to the fall of the government, it will force everyone else to take it seriously. That would be a big advance to the credit of Sweden. (In most countries the government wouldn't fall for "so little")


Data breaches, loss of privacy are common, everywhere. The novel aspect here is this news wasn't buried.

Yes, please be outraged.

But please also realize it's the norm. We (society) do not have the laws, rules, procedures, or technology to prevent or mitigate it.

Edit: Just quickly read up on this incident. They did try to bury it. But I read one account that stated one of the Pirate Bay guys daylighted the breach. Delicious irony. So this scandal is now at stage 4: Assign the blame. Next is stage 5: Rinse, lather, repeat.


Now, how do you fit feminism into this plot?


>Here, Swedes believe that Trump is such a catastrophe, and wonder why Americans could vote for him. We should instead look at our own pathetic "feminist" government, and ask ourselves how and why we got here.

Swede here. I don't even know how many times I've thought and said these exact words. Spot on.


"location of all army vehicles"

The defense minister has openly said that the "försvarsmakten"'s cars aren't listed in the STA's registers.

I can't find a link to prove this but I think it was said in one of the press conferences.


Incompetence has no nationality


From elsewhere in Europe, but I hear your frustration.


That isn't really the full story.

> Here's a summary of what foreign powers got access to:

It's not been established that foreign powers got access to the data. It's considered a leak because confidential information is considered leaked as soon as it's not handled correctly.

> Even worse: when they realized they'd leaked photos, home addresses and SSNs of protected identities, they sent a clear text email asking the contractor to clear them from the database manually.

There were two leaks. One was the information not being handled correctly, the other was the disclosure of people with protected identities in the "car registry" to companies that would use the data to send advertisements to the owners. This wouldn't have included photos or SSNs.

> SÄPO knew about this in 2015, and recommended against it, but the Transport Agency still went through with the deal. How they could even be allowed to do that is beyond me.

They weren't really allowed, which is why the head of the agency was prosecuted.

> Either she knew exactly what she was doing, meaning the Russians paid a meagre $8500 for full access to a database containing top secret information, or (more likely) she was just that stupid, meaning possibly hostile powers got this information for free.

The investigation concluded that she was aware that she was breaking the law but not that the leak was intentional as such, therefore it was "willful negligence".

> Here, Swedes believe that Trump is such a catastrophe, and wonder why Americans could vote for him. We should instead look at our own pathetic "feminist" government, and ask ourselves how and why we got here.

That's silly.

- IT operations used to be run by another government agency called The Transport Administration (vs. The Transport Agency).
- The decision to outsource was done under the former government by the former head of the agency in 2012.
- The previous contract on IT operations was already cancelled, the staff was being let go, the facilities cleared and would no longer be available come January 2015.
- The former head of the agency retired in February/March 2015, the deal with IBM was concluded by the new head of the agency in April 2015.
- The event is one in a long line of outsourcing and public-private partnership failures. Including the Public Employment Agency, Social Insurance Agency, Karolinska University Hospital etc.

The only reason this outsourcing failure is big news is because the government is weak, "the alliance" in opposition is even weaker and there's an election next year. Anakata of The Pirate Bay fame hacked Logica (another consulting company) in 2012 accessing confidential data from multiple government agencies.


This happens in every country in the world. Don't act like you're a special case.


Reading the article, I am reminded of the story of the famous Swedish ship, the Vasa [0], which sank in the XVII century because, ultimately, no one wanted to say no to the king: when the engineers saw there was a massive problem ahead ("your boat don't float"), the management didn't dare tell the King, leading to catastrophe[1].

It's a good lesson, I hope we learn it someday.

[0] : https://en.wikipedia.org/wiki/Vasa_(ship)

[1] : I'll admit it is a fantastic chance for historians and tourists alike: The wreck, pulled from the waters perfectly preserved, is a must-see in Stockholm


For some reason, I think parts of this writeup were debunked, but it's still one of my favorite reads:

http://faculty.up.edu/lulay/failure/vasacasestudy.pdf [pdf]

Thank you for reminding me about the Vasa!


The biggest problem with this story is not that it happened, it is that it could happen again. IT issues are heavily underestimated in government agencies and corporations [1], viewed like it's nothing important. The same goes for politicians, they don't give so much attention to IT at all.

The problem is of course lack of knowledge. They don't understand how important it is and that it is one of society's most critical infrastructure today.

Hopefully this incident will be a lesson to politicians and government agencies to care more about security and IT in general.

[1]: http://www.sakerhetspolisen.se/publikationer/fallstudier-och...


There is a lot of resistance, universally it seems, to the concept that outsourcing is different to in-house development/administration. It doesn't even seem like it's a knowledge issue, but rather willful ignorance. Cost, convenience, and less likelihood to be blamed for faults are more important than security and control.

To take one example, the only government entity that I know that doesn't outsource email would be the military, and even there I doubt the in-house use is 100%.


It's Darwinian; if you don't deliver the savings you are out. One solution would be rigorous research that demonstrated that insourced onshore operations were more effective and cheaper in the long run. But no such research exists. Is that because it's hard to do, or is it because the result is that offshoring and outsourcing is cheaper and as good?


No, it's because vested interests want to prove that outsourcing is all rainbows and unicorns.


Ronald Coase won a Nobel Prize for his work on transaction costs, and how those (usually hidden) costs should be considered when companies externalize business functions.

Coase’s writings and teachings lead directly to the idea of accounting for all costs in any business or outsourcing endeavor, or “Total Cost of Ownership.”

That's just an example of "vested interests" proving that outsourcing is not all rainbows and unicorns.


One thing I've noted is the budget and effort that outsourcers put into killing corporate IT. Not only in the frank effort (as in one outsourcer ringing my CEO and telling him that I was "a problem"; luckily my CEO thought this was hugely funny) but also with more subtlety - sponsoring research that is aimed at undermining incumbent IT. For example, cost metrics derived from peer studies that show that everyone is spending too much - there's money on the table to be had. This generates a cycle of cutting, internal and then when the money is not delivered in full consultants are brought in to "help access the value".

In house has no budget for this, we rely on the public space and academia for validation and fair insight. It's telling that Coase was active from the 30's to the 70's as was J.K. Galbraith who wrote about the technostructure. Managerial capitalism has been slaughtered, bits of it are flopping around weakly. It seems to me that the neo-liberal replacement has helped billions out of poverty in China, India, Indonesia and so on, but this is an unstable situation. It's not clear that the greater good can continue to be served if the economies of the west cannot be reconstructed to provide far larger numbers of stable, interesting and reasonably well paying jobs. Neo-liberalism has failed in that sense and seems not to have anything to say about it apart from "tough, you lot had it too good for too long and now you have to be as rich or poor as people in India and China." Which implies dictatorship.


There's a really good breakdown of the Swedish Security Service's (Säpo) report on this case in Swedish, written by a knowledgeable journalist. It's fairly ok in English through Google translate. http://www.breakit.se/artikel/8326/jag-laste-sapos-gransknin...


Our leaders have no incentives to solve these problems. Most of the leadership class today get to their positions not by trying to address any such problems. The skills they pick up along the way have nothing to do with what's reqd in these cases.


Funny thing about that article is that they're themselves using google analytics


The top ministers in charge of this scandal are impeached by the opposition. Our prime minister Stefan Löfven is having a press conference tomorrow at 10am (+1gmt) and possibly the entire party will resign to hand over power to the Moderates (right wing) because of this.


Literally handing over power to the conservative block is hardly on the table. As one (probably unlikely) alternative the whole government might be dissolved, but that would pass the task of forming a new one back to the parliament.

Some domestic commentary on the options (poorly) translated by Google: https://translate.google.com/translate?sl=auto&tl=en&js=y&pr...


I guess the most likely scenario is that the current PM tomorrow at 10am will announce that the current government has resigned and that it's then upon the Speaker of the Riksdag/Parliament to try to form a new government that will meet the acceptance of the parliament.

One note: the "right-wing" alliance of four parties who were behind this impeachment notice (I should use more quotes, they really are centrist as a group) earlier today announced that they would not seek to form an independent government with the help of Sverigedemokraterna, the anti-immigration and rightwing-ish party currently polling at around 20-25%.

Instead they would seek to form a new government together with the social democratic party they just claimed was not trustworthy.

Yes, it's odd.

(On the whole though I'm happy that we can have a political crisis like this without the country falling apart. Everyone is behaving perfectly orderly.)


It is more than odd and it will only serve to steer more voters to the Sweden Democrats (SD).

For those not totally in tune with Swedish politics, the current government (S - social democrats - and MP - Miljöpartiet, 'environmental party') more or less stumbled right out of the starting blocks as the opposition voted down their budget. This would normally have ended with a resignation followed by a new formation attempt or new elections but this did not happen, the reason being the 'threat' of SD getting in a position of power. At that moment SD had the support of around 13% of those Swedish voters who actually turned up to vote. The opposition - which had just voted down the budget - now supported S and MP staying in power, enacting the budget proposed by the opposition. This became known as the 'decemberöverenskommelse' (December agreement).

Of course the ruling parties - S and MP, both left-wing - did not try to implement the budget as the opposition intended, they more or less went their own way. Already marred by a few scandals - e.g. the forced resignation of the minister for housing (MP) when his rather tight connections to the Erdogan-regime in Turkey, his mingling with the 'Grey Wolves' [1] (a Turkish ultra-nationalist organisation) and his connections to the Muslim Brotherhood became clear even to those who tried their best not to notice - the government stumbled along without any clear plan or direction. While they produce a lot of hollow rhetoric about their 'ethic values' (the Swedish concept of "värdegrund", [2]) and boast about being the "first feminist government" they have not acted decisively on real issues cropping up in the country, often going so far as to deny the issues. This has led to comparisons with the infamous Iraqi minister for Information, Muhammad Saeed al-Sahhaf [3] who was known for stating things as he wanted them to be instead of the way they were, even when confronted with irrefutable evidence.

All this served to push more and more people towards SD, the social stigma of being associated with this party notwithstanding. If the "opposition" - quotes around the word as it is no longer clear whether the parties of the "alliance" can be considered to oppose the current government as they did support its rule under the December agreement - does go along with S and possibly MP (which by now has lost enough support to end up under the 4% threshold) they will lose even more voters to SD. In the latest poll by Sentio the combined support for the current government parties was 26.2% while SD got 26.8%, in other words there is more support for SD in Sweden than for the coalition of S and MP. The trend has been for support for SD to roughly double every four years (the election period in Sweden), from 3% to 6% to 13% to now 26%. It is unlikely for this trend to hold but it is certainly possible for them to end up with about a third of the votes in the country. Disenfranchising these voters will have a disastrous effect on the trust in politics and politicians in Sweden, a trust which is already at bottom level.

[1] https://en.wikipedia.org/wiki/Grey_Wolves_(organization)

[2] https://en.wikipedia.org/wiki/V%C3%A4rdegrund

[3] https://en.wikipedia.org/wiki/Muhammad_Saeed_al-Sahhaf


> Sweden Democrats (SD)

For those not following the rich drama that is Swedish politics:

"Sweden Democrats or Swedish Democrats (Swedish: Sverigedemokraterna, SD) is a nationalist political party in Sweden that was founded in 1988. The party describes itself as social conservative with a nationalist foundation, however the party has been described as far-right, right-wing populist, national-conservative, and anti-immigration. The party had its roots in Swedish fascism and was a part of the white supremacy movement in the late-1980s; initially, it was characterized by right-wing extremism and activism. Among the founding party officials were several people that had formerly expressed strong support for the ideology of Nazism. SD's logo from the 1990s was a version of the torch used by the UK National Front, until it was changed to an Anemone hepatica flower in 2006 (Swedish: blåsippa)."

https://en.wikipedia.org/wiki/Sweden_Democrats


Sweden as a country has a history with extremism, 'Nordic' nationalism and national-socialism, this includes nearly all parties from all sides. The social democrats (S) were in cahoots with the nazi-regime in Germany in the second world war and agreed with parts of their ideology. That this started long before the war is clear when looking at e.g. the founding date of the Swedish State Institute for Racial Biology by a social democrat and a farmers union leader in 1922 [1]. It was on a proposal from Sweden and Switzerland that nazi-Germany started stamping passports with a red "J" to indicate that the carrier was considered to be Jewish, the stated reason being that this made it easier to refuse those people access to those countries.

These nationalist and extremist tendencies did not die with the end of Nazism either. The social democrats also have a murky past when it comes to relations with e.g. the DDR (German Democratic Republic, i.e. eastern-Germany) and other communist regimes. With the rise of Olof Palme and his followers the social democrats, and with that Sweden turned away from Nordic nationalism and instead went the diametrically opposite direction - another example of the Swedish tendency to go for extremes. Palme was impressed by what he considered to be the "success" of the DDR and spoke in praise of their "successes" without any mention of the way they treated those who did not follow the party line. He also admired Fidel Castro's Cuba and other similar countries.

This fascination with political extremes continues to this day, an example of which is the left-wing "Researchgruppen" (research group). This is a left-wing NGO intelligence service which proudly considers itself to be "the Swedish Stasi" [2]. Like the original Stasi (Ministerium für Staatssicherheit, the east-German intelligence service which kept records on millions of people and had informants spread throughout the population) they keep a database of people with 'dissenting' political views, most of the contents of which comes from burglary. This "research group" works together with the left-wing magazine "Expo" which had and has several prominent social democrats in their leadership.

In the second world war Sweden used the motto "en svensk tiger" (which means both "a Swedish tiger" and "a swede keeps silent") to remind the populace to secrecy. This term can equally well be applied to the attitude within the social democratic party and for that matter the communist/'left' party which has a history of its own worth revealing. Swedish social democrats like to see themselves as shining beacons of solidarity and openness. They'd do well to do some research into their past to try to avoid past mistakes.

[1] https://en.wikipedia.org/wiki/Statens_institut_f%C3%B6r_rasb...

[2] https://www.dagenssamhalle.se/sites/default/files/archiveima...

[*] https://www.dagenssamhalle.se/nyhet/granskare-som-inte-tal-e...

[3] https://en.wikipedia.org/wiki/En_svensk_tiger


Another IBM stuff up... anyone remember the Australian Census screw up? http://www.abc.net.au/news/2016-11-25/ibm-to-pay-over-$30m-i...


That's nothing compared to their massive $1 billion Queensland Health Payroll stuff up:

http://www.abc.net.au/news/2012-06-06/qld-health-payroll-deb...

http://www.abc.net.au/news/2013-08-07/government-may-sack-bu...


I don't know how much blame you can put on IBM here.

- The Transport Agency decided to outsource operations, and IBM won the contract (April 2015)

- The following month, the head of the agency decided to ignore certain laws about privacy, secrecy, etc., as well as the agency's own requirements about information security

- The Swedish Security Service, Säpo (basically our FBI), immediately got wind of this and started investigating, ultimately recommending - in November 2015 - to put an immediate halt to the outsourcing

- The Transport Agency decided to ignore the advice of Säpo and handed over operations to IBM in December 2015

Here's a good timeline: http://www.dn.se/nyheter/sverige/detta-vet-vi-om-transportst...


It seems that all of the shifting of labour is working out for IBM. I wonder how long it will be before the statement "nobody got fired for picking IBM" becomes false.

But that timeline does seem quite ridiculous. To wilfully ignore the recommendations of your security services seems almost Trumpesque.


IBM really should be able to see that this is a very questionable contract and not take the contract.


At this point (and historically for many years), it seems like there is no circumstance upon which an IBM salesperson or any of their management (right to the top) would ever say No to receiving more money.


article paywall


It's a "soft" paywall - the content is still there. Use uBlock Origin or similar, and don't let the site set cookies, and everything will be fine (Firefox: right click -> View Page Info -> Permissions -> set "Set Cookies" to "Block").


I don't really think we can blame IBM on this one. From what I can tell, they followed the specs.

The problem was that the authority overseeing lots of very sensitive data forgot to specify that the individuals working on this project would need to a) be Swedish citizens, b) go through government-level security clearance.

So then when IBM came back with, "hey guys, here's our list of a dozen+ guys in Serbia who need read/write access to all of the data", the Swedish agency felt like they had no choice but to grant access to extra-nationals, even though it was clearly against the law.

Note: Serbia happens to be quite closely related to Russia, politically speaking. One of the admins who were granted read/write access had a ten year history in the Serbian army...


Where did you get the information about dozen+ guys in _Serbia_? The article does not mention Serbia, but mentions Czech Republic...


It was reported by DN who received a copy of the Swedish Security Service's (Säpo) preliminary investigation [0]. My translation of a few paragraphs from the article:

"Swedish IBM used up to 11 subsidiaries and subcontractors in different countries, among them Romania, Croatia, Czech Republic and Serbia. ``But how the data would flow she did not understand'', witnesses a consultant who evaluated IBM's offer before the contract signing.

The ones who got "the keys to the kingdom" were three IBM administrators in Czech Republic, with full access to all data and logs. It meant the possibility to copy and distribute data and then remove all traces.

The computer systems' various firewalls and all communication were handled by a company in Serbia where 14 named persons became administrators, they, too, without a security check."

[0] http://www.dn.se/nyheter/sverige/statliga-hemligheter-kunde-...


Serbia (not necessarily dozen guys, though) has been mentioned in a lot of news articles in the Swedish press. It's now even on the Wikipedia page in the Swedish Wikipedia.

https://www.google.com/search?q=Maria+%C3%85gren+serbien


Hopefully we can have a public discussion about ethics and vendor responsibility once the dust settles. If the government was so negligent that we may get a new one, then perhaps the vendor should have been aware of it? Perhaps they shouldn't have suggested such a solution in the first place? Perhaps they should have outright refused? Perhaps they should have demanded that the government change the law before proceeding? In what country do you get a free pass from the law just because the customer says so?

These vendors are being paid big money, and unlike our elected government officials, they are expected to be knowledgeable - experts in their field.


How would the vendor know the client has sensitive information that they shouldn't share? Sounds like a client responsibility.

IT sales people are rarely experts.


I agree that would be the case if the vendor was providing infrastructure or platform as a service. But I don't think that's the case here.


"no one was ever fired for buying ibm" not so true anymore =p


I guess the old saying "Nobody got fired for buying [from] IBM." isn't true any longer?


Well, one person was already fired for buying this kind of IBM, but that was just the director general of the authority that leaked the data. The thing most Swedes have an issue with is that the government tried to silence the leak for like two years (people really dislike being actively lied to). If they had owned it, I don't think it would have been such a big deal.


It is an old truism that it is the cover-up that gets you. I.e. when we look at scandals, the thing that people generally get in trouble for was part of the cover up rather than the original scandal.

Given that this is common knowledge, why do cover-ups keep happening? Theory (A): the failed cover-ups we hear about are only a tiny fraction of the successful ones, so on average it is rational to try and cover things up. (B) cover-ups are not rational on average, but some bias in human psychology makes people do it anyway.

I am inclined to believe both, even though they contradict each other. I am also working on a (C) involving multiple parties drawing each other into the cover up in such a way that the person who takes the fall is not the principal who started the trouble.


People cover up things because at the time when the cover up starts the damage/cost of exposing the problem and taking the blame far outweighs the cost of doing a cover up. As time progresses (the simple view is) one of two things can happen, either the incident blows over and so the cover up was worth it, or the person needs to keep maintaining and increasing the cover up, thus increasing the damage/cost of the cover up.

In this way we end up with cover ups that cause more damage and are more costly than the original incidents, even though at the onset just owning up to the error would be less costly in the long term.


> Given that this is common knowledge, why do cover-ups keep happening?

Because the cover-ups work, and only happen when the people involved are deeply involved in the original scandal in a way which would get them in more trouble if it came out than their involvement in the cover up would. The fact that often their role in the cover up does get them in trouble doesn't change that the cover-up is usually successful, even in those cases, at preventing their role in encouraging (or more) the original wrongdoing from coming to light.


I can see the psychological angle: "Why fess up to it today when I can do it tomorrow?". Delaying the pain until someone realizes the window in which they could have made it public is now over and they have to continue covering it up.


This is different because it concerns a government, but as long as the CEO doesn't go to jail for IT breaches (Sony,...) and grossly negligent IT decisions (British Airways), nothing will change with data security.

The second the law changes, CEOs will make it a personal matter that sound decisions are made.


Frankly I pin this down on IBM Sweden who knowingly cut corners in order to land a juicy government contract and satisfy its margin targets. Clearly not caring about the customer's best interest.


The biggest crime is that they decided to use IBM in the first place.


Also.


"It said that the project manager for the outsourcing agreement admitted during questioning that “he had no knowledge whatsoever of how to ensure security.”"

You'd think someone would come in and consult on this, however, and set up basic protocols. A PM isn't expected to be a security expert -- that's what security experts are for.


That's what you get when the government pays 3/4 of private companies in salary. When you pay peanuts you get monkeys, as the saying goes.

Also any type of consultancy work would probably have to go through "offentlig upphandling" which means the government puts out a proposal of what they want done and companies bid with the contract going to the lowest bidder. However someone has to formulate the requirements and that ends up going back on the original PM. Oh, and since the contract goes to the lowest bidder, what did you get when you paid peanuts?


A PM is expected to consider security though, and to be wary of sending data overseas.

Otherwise they have no business working in IT. They might as well claim to not know what a network is.


Well, their security department/group raised the issues. Unfortunately they were regarded as a hassle and were bypassed in the discussions. They seem to have made the director general sign several documents where she acknowledged that what they were doing was against the law. As a last resort they went to the Swedish Security Service with the information and that was what started the investigation.


This is rather hilarious, as most of Sweden's IT sector learned over a decade ago that outsourcing is worthless


- identities of undercover operatives...

This is terrible. When will people learn to NOT use computers at all for some things. Use typewriters and spend a little bit more on administrative workers. You trade in processing efficiency for making these catastrophic breaches rarer.


I think for actual security you need to practice physical security. No matter if the data is stored on paper or electronically, you will still need to air gap it, and have security and clearance protecting that data.

To put it into perspective Manning only got the data out because they were lax about securing the CD-burner in the computer he was using.


Absolutely. But computers and centralized data make physical security easier. Old fashioned typewriters, paper files, and manual indexes for searches are safer (for very specific things), because you simply just can't haul all of it out. For a decent set of paperwork you'd spend months or years xeroxing everything. Leaks may happen but may be smaller. Processed and redacted data may still be put on computers for searching. It's a tradeoff with obvious serious disadvantages, but one that can save the operations and even lives of the good guys.


I say this all the time, but I always get mocked for it. "There are hundreds of thousands of Americans with clearance, how are we supposed to administrate that without computers."

But what's the alternative? Even if you air gap things very, very aggressively you still get owned. The CIA has said that air gaps have never stopped them. Ok, so what are we going to do? Getting data out from computer systems is too easy. Things should be pen and paper and maybe specialized typewriters (there are ways of bugging typewriters or using sound recordings of the typing to reconstruct sentences).

At the very least we should keep our foreign agents out of our databases.


Let's assume people stop mocking this idea and ditch computers for the most recent and highly classified data. Over decades of replacing everything with computers and retiring oldtimers, we probably lost a whole set of skills to run physical paperwork, keep it secure and detect breaches.


The article doesn't mention many specifics, but I'd say when it comes to national security, Sweden has bigger (and more apparent) long-term issues than a handful of known IT professionals from Eastern Europe having access to private DBs.


It blows my mind that a rich country like Sweden outsources super important info to IBM but on the other side accepts 'refugees' heavily.


I don't understand the connection between the two. Do you mean the financial considerations?


> I don't understand the connection between the two. Do you mean the financial considerations?

Yep. They try to save money on the most crucial part of every country and yet they spend vast amounts on so called refugees. It does not make any sense to me..


Why do you say "refugees" in quotes and "so called refugees"?


The UN convention on refugees is that a person MUST seek refugee status in the first non-war location they set foot on.

Whether or not this convention/policy makes sense is a different matter (it was not conceived of for the mass migrations we are seeing now), but technically speaking, these people stop being refugees when they leave the first peaceful state they are in. And practically, they are shopping for benefits -- why settle for Denmark which forces you to integrate, when you can get to Sweden and only integrate if you want to? Why settle for Greece or Turkey, where you get safety in a refugee camp, when you can go to Germany and get safety and help among the local's preferred residence?

I do not fault these people for trying to get the best for themselves - I'm not sure I'd have acted differently in their place - but the word "refugees" has very specific legal meaning, both locally and internationally, and therefore "so called refugees" is technically correct, because these people are not refugees by international conventions and definitions.


Most likely because they are coming through Denmark and are not really fleeing from war anymore.


That just moves the goalpost though. Denmark could say the same to Germany, and they to southern countries. Should the beach-cities of Italy carry all the responsibility? Should we in Norway not help humanity, because there are some other borders between us and the problems?

(Not aiming this at you)


No, it doesn't just move the goal posts - international law does make the first peaceful ground different by being the place a refugee needs to settle their status first.

The refugee infrastructure in Italy (and Turkey, and Greece, and Jordan) is stretched thin and breaking, as this law was not written for the current situation. And as a result, Italy asked for help, did not receive it, and is now threatening to use a loophole to grant every refugee seeker some EU status that would make them effectively pan-european refugees -- but that has not happened yet.

Assuming you are Norwegian -- didn't Norway recently threaten closing the Swedish border if Sweden doesn't rein in their refugee situation and stop them from crossing to Norway?[0] Not sure if this speisa is reliable, remember reading it in a reputable source but can't find one right now on Google.

[0] http://speisa.com/modules/articles/index.php/item.1917/migra...


> Assuming you are Norwegian -- didn't Norway recently threaten closing the Swedish border if Sweden doesn't rein in their refugee situation and stop them from crossing to Norway?

Yes, as has happened elsewhere in the world, we have elected a government based on fear, FUD, protectionism and anti-immigration.

I don't support us sitting on a throne of riches, leaving the rest of the world to deal with the problems, though. This is of course my personal belief, but I also think not doing it this way is shortsighted and will leave everyone, including us, worse off in the long run.


Overstretching infrastructure won't make it any better for anyone. Imagine the lifeboat which accepts everyone and sinks because it cannot support the weight.


I think we should help, but compared to capita Sweden has been carrying most of the burden for a war we have no stake in and for us it is a huge economical loss to host all these people here. Many will probably never have a job in Sweden.

Then it's the security issue, there are no background checks in Sweden. They could be literally mass murderers and IS-fighters and we would have no idea. Then there is this age issue. In Sweden they throw away their papers and say that they are underage when they are clearly sometimes around 30. Then they go to school with real boys and girls and shit like this happens: http://www5.idrottonline.se/globalassets/gefle-if-fif---frii...

It is time for Sweden to stop accepting refugees. I think very few people in Sweden are against immigration, just irresponsible immigration.


Sounds like you know what it is like leaving your country and traversing the whole European continent.

Tell us when do you stop fleeing and merely running away from war?


Huh? You stop fleeing from war when you get to a nation that is in peace. Then, you head for Sweden to get free money from the government for the rest of your life.


The further the data gets from the original designers of the system, the less likely it's being protected properly.

I've seen this time and again not just in outsourcing but also in regime change at companies where employees and management turn over.

Pretty soon you've got a whole host of legal contracts with customers and regulatory promises saying you provide X, Y, Z encryption, data redundancy, offsite backups, support contracts, and so on -- but you're doing none of it.

I wonder to what extent outsourcing ends up being cheaper precisely because they're not following the framework that the in-house crew implemented and hopefully stuck with.


"With friends like these, who needs enemies"

And in this case people did get fired for buying IBM


This is a very very curious incident. Advice from SAPO was not taken. And almost literally everything has been exposed because someone in the transport authority wanted to proceed? Incredible. Kompromat was it?


How sure can you be anyway that vetted and authorised people won't do evil with the data they are entrusted? That's what this has me wondering.


I just hope the other governments watch, learn, and maybe maybe listen to us once in a while.


Watching "Kingsman" last night feels very timely.


All-right, I have to ask; what is the correlation you see between that movie and these events?


Kingsman's ending takes place in Sweden and features both a Swedish prime minister and a Swedish princess with whom the protagonist has anal sex.


The evil weakling Swedish prime minister!


I don't know why they are making such a big deal out of it?!

I always thought Sweden is such a transparent society with open insights into how much everybody is earning and so on.

What do they have to hide? /s



